← back
CVE-2018-7665

CVE-2018-7665

EPSS 16.2%
Vexday Risk Score
23Low
SSVC decision (CISA)
Attend
PoC available → attend closely
Exploit maturity
Functional exploit
Automatable exploit available (Nuclei/Metasploit).
CVSS EPSS 16.2%KEV nãoPoC Nuclei Metasploit simPatch
Lifecycle
03 Mar 2018Metasploit module available
05 Mar 2018Published on NVD
Recommendation: Plan a near-term fix — a public PoC already exists.
An issue was discovered in ClipBucket before 4.0.0 Release 4902. A malicious file can be uploaded via the name parameter to actions/beats_uploader.php or actions/photo_uploader.php, or the coverPhoto parameter to edit_account.php.
Affected products
n/a · n/a